<?php

	require_once('../includes/config.php');
	require_once('../includes/functions.php');
	
	$accountNum = $_GET['accountNum'] != '' ? (' - account ' . $_GET['accountNum']) : '';
	
	// Retrieve base HTML
	$pageStr = buildStandardPage('Transaction History' . $accountNum , 'Transaction History');
	
	$content = '';

	if(isMobile()){
	
	}
	else{
		if(true == isLoggedIn()) {
			$transactionAttribs = getTransactionAttributes();
			
			if (false == isAdmin()){
				if(true == isActive()){
					$id = getID();
					
					// Retrieve the account ID from either the POST or GET associative array
					$accountID = (true == isset($_POST['submit'])) ? $_POST[$ACCOUNT_ID] : $_GET[$ACCOUNT_ID] ;
					$query = '';
					if(true == isset($_POST['submit'])){
						// This is a special case SQL query that is unique to this page so we're hard coding it!
						date_default_timezone_set('America/Chicago' );
						$query = 'select * from transaction where accountid=' . $accountID . ' AND date >= "' . strftime("%Y-%m-%d", strtotime($_POST['from'])) . '" AND date <= "' . strftime("%Y-%m-%d", strtotime($_POST['to'])) . '"';
					}
					else{
						$query = buildSelectStatement('transaction', array('accountid' => $accountID));
					}
					
					$result = executeSQL($query, 'Failed to retreive transactions for this account.');
					$content .= '<form method=POST action='. $_SERVER['PHP_SELF'] .' onsubmit="return validateLoginForm(this);">';
					$content .= '<input type=hidden value=' . $accountID . ' name=' . $ACCOUNT_ID . ' >';
					$content .= '<strong>Search by date -</strong> Start Date:<input type="text" id="from" name=from > End Date:<input type="text" id="to" name=to >  ';
					$content .= '<input type=submit name=submit value=Search > </form><br/>';
					
					// Build a table of the transaction history for the currently selected account
					$content .= '<table border=1 cellpadding=2 width=650>';
					$content .= '<tr>';
					foreach($transactionAttribs as $fieldName => $description){
						if ($fieldName != 'accountid'){
							$content .= '<td>' . $description . '</td>';
						}
					}
					$content .= '</tr>';
					
					while($row = mysql_fetch_array($result)){
						$content .= '<tr>';
						foreach($transactionAttribs as $fieldName => $description){
							switch($fieldName){
								case 'amount':
								case 'balance':
									$content .= '<td>$' . $row[$fieldName] . '</td>';
									break;
								case 'accountid':
									break;
								default:
									$content .= '<td>' . $row[$fieldName] . '</td>';
									break;
							}							
						}
						$content .= '</tr>';
					}
					$content .= '</table>';
				}
				else{
					$content .= $NOT_ACTIVE_MESSAGE;
				}
			}
			else {
				$content .= $MUST_BE_BANK_MNGR;
			}
		}
		else{
			$pageStr = buildStandardPage('Transaction History' , 'Transaction History');
			$content .= $MUST_BE_LOGGED_IN;
		}
	}
		
	$pageStr = str_Replace('<!--content-->', $content, $pageStr);

	/**
	 * Send the generated HTML to the client's browser
	 */
	echo $pageStr;

?>